Abstract

Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations, and the environment relevant to a request, but great care must be taken in setting up and maintaining the access control rules that allow such flexible operations. This article summarizes important considerations in ABAC deployment first introduced in the "Guide to Attribute Based Access Control."

Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations,...
See full abstract

Attribute Based Access Control (ABAC) is a popular approach to enterprise-wide access control that provides flexibility suitable for today’s dynamic distributed systems. ABAC controls access to objects by evaluating policy rules against the attributes of entities (subject and object), operations, and the environment relevant to a request, but great care must be taken in setting up and maintaining the access control rules that allow such flexible operations. This article summarizes important considerations in ABAC deployment first introduced in the "Guide to Attribute Based Access Control."Hide full abstract